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Rejection of the Claims 

Claims 9 and 11-12 were again rejected under 35 U.S.C. 02(e) as being 
anticipated by U.S. Patent Publication No. 2004/0073612, Maris stal. (" Maria "). In 
addition, claims 1-8, 10, 13-15 and 16-23 were again rejected ui i Jer 35 U.S.C. § 103(a) 
as being unpatentable over Maria . These rejections are most respectfully traversed, as 
follows. 

It Is most respectfully submitted that the present claims s< s : forth combinations of 
features that are not even remotely taught or suggested by the r Terences of record. 
The foregoing arguments submitted in the prior response are inc nrporated herein by 
reference. In addition, for the Examiner's appreciation, some ac c itional remarks are 
included below. 

Independent Claim 1 

Among other things, claim 1 recites: 

"a microprocessor programmed to terminate a connec t on between the user 
computer and the network when an originating IP address of a data packet 
received from the user computer does not match the IP address assigned to 
the user computer that Is contained In the memory. " 
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The Maria reference does not even remotely teach or su ;gest such features. 
The following sections discuss some of these and other deficier c ies in further detail. 

1. No Match to Computer 

Among other things, the above-identified recitations in clc in 1 include having an 
"IP address assigned to the user computer." Emphasis added. On the other hand, the 
Maria reference does not involve having any IP Address being c i signed to any 
computer. As set forth above , the IP addresses in the Maria re c rence are addressed 
without regard to the identity of the source computer. As set fc r (h above, the Maria 
system merely passes packets as long as they are from any one of a long list of IP 
Addresses, see e.g. column 2, lines 42+, without any regard for i whether or not a 
particular source computer transmits a packet having a particular IP Address. 

2. No Termination Without Match 

Among other things, the above-noted recitations in claim I also include that there 
is a "microprocessor programmed to terminate a connection ... \ nen an originating IP 
address ... does not match the IP address assigned to the us <ir computer." It is 
most respectfully submitted that the Maria reference cannot be ' iasonably construed 

7 



PAGE 10/23 * RCVD AT W22/2005 7:48:12 PM [Eastern Daylight Time] * SVR:USPTO-EFXRF-1/0 * DNI8:872930B " CSID:202B590105 * DURATION (mm-ss):08-26 



JUN, 22 2005 G:51PM NO VRKDRUCE , LLP 202G590105 p. 11 

AppL No.: 09/690,818 

Reply to Office Action of January 27, 2005 

to include such features. 

Notably, the Maria reference maintains a large source lisi Df IP Addresses - i.e., 
which includes "hundreds to several thousand" IP Addresses. ; * scordingly, the Maria 
reference will not "terminate a connection" under the conditions r ecited in claim 1 . 
Notably, since the source list includes hundreds or thousands IF Addresses, which 
relate to hundreds or thousands of computers, the Maria referer i e will necessarily allow 
the communication and will clearly allow the connection under r iany situations in which 
"an originating IP address ... does not match [an] IP address as = igned to the user 
computer,* rather than terminating the connection. 

3- No Prevention of Unauthorized Access Via Tha t User Computer 

In addition to the foregoing, it is noted that claim 1 is dire< led to *[ajn access 
control system for preventing an unauthorized access to a netw< i k via a user 
computer." On the other hand, the Maria reference does not coi i emplate what identity 
a source computer may have, much less how to prevent unauthi ) 1zed access via such 
a computer. 
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Independent Claim 5 

Among other things, claim 5 recites: 

"a microprocessor programmed to terminate a conne : ion between the user 
computer and the host computer system when an origins t ng IP address of a 
data packet received from the user computer does not match the IP address 
assigned to the user computer that Is contained En th e memory" 



Parallel to the discussion above with reference to claim 1 , the Maria reference 
does not even remotely teach or suggest the combination of fe* I tires recited in daim 5. 



Independent Claim 9 

Among other things, claim 9 recites: 

"denying the user computer an access to the network i f the originating IP 
address of the data packet Is different from the IP addn » ;s of the user 
computer stored In the memory of the access control s astern" 



Parallel to the discussion above with reference to claim 1 the Maria reference 
does not even remotely teach or suggest the combination of fee t jres recited in claim 9. 



Independent Claim 13 

Among other things, claim 13 recites: 

"terminating a connection between the user computer s r id the host computer 
system if the originating IP address of the data packet is < I fferent from the IP 
address of the user computer stored In the memory o f the access control 
system." 



9 



PACE 12/23 * RCVD AT 6/22)2005 7:46:12 PM [Eastern Daylight Time] * SVR:USPTO-EFXRF-1/0 * DNIS:872fl306* CSID:20265fi0105 * DURATION (mm-ss): 06-26 



,JUN. 22 2005 6:52PM NO VRKDRUCE , LLP 2026590105 p. 13 



Appl. No.: 09/690,818 

Reply to Office Action of January 27, 2005 



Parallel to the discussion above with reference to claim 1 , the Maria reference 
does not even remotely teach or suggest the combination of fee I tires recited in claim 
13. 



Independent Claim 16 

Among other things, claim 16 recites: 

"the access control system is programmed to terminate i connection between 
the host computer system and the user computer when a - originating IP address of 
a data packet sent from the user computer for transmissH n to a node in the secure 
network does not match the IP address of the user co itputer contained in the 
memory of the access control system." 



Parallel to the discussion above with reference to claim 1 the Maria reference 
does not even remotely teach or suggest the combination of fee t jres recited in claim 
16. 



Independent Claim 20 

Among other things, claim 20 recites: 

"the access control system is programmed to deny the user computer an access 
to the secure network when an originating IP address of i data packet sent from the 
user computer for transmission to a node in the secure ru >■ work does not match 
the IP address of the user computer contained In the riemory of the access 
control system." 
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Parallel to the discussion above with reference to claim 1 , the Maria reference 
does not even remotely teach or suggest the combination of fe< ii ures recited in claim 
20. 

Independent Claim 21 

Among other things, claim 21 recites: 

"a comparator structure configured to terminate a connc c tion between the user 
computer and the network when an originating IP addres > of a data packet received 
from the user computer does not match the IP address assigned to the user 
computer that Is contained in the memory." 

Parallel to the discussion above with reference to claim 1 the Maria reference 
does not even remotely teach or suggest the combination of fee t jres recited in claim 
21 

In view of the foregoing remarks, it is respectfully submitt 2 i that all of the 
independent claims should be allowable. In addition, the depen> iant claims should also 
be allowable for reasons parallel to that set forth above. In addi i xi, the dependent 
claims also recite additional features that are further not taught c j suggested by the 
references. 
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APPENDIX: Listing of the Claims 

1 . (Original) An access control system for preventing an unauthorized access to 
a network via a user computer connected to the network, the sy > em comprising; 

a memory containing an IP address assigned to the user c omputer; and 
a microprocessor programmed to terminate a connection I letween the user 
computer and the network when an originating IP address of a c sita packet received 
from the user computer does not match the IP address assignee to the user computer 
that is contained in the memory. 

2. (Original) The access control system of claim 1, when * n the microprocessor 
is further programmed to delete the IP address of the user comp irter from the memory 
when the originating IP address of the data packet received fron i user computer does 
not match the IP address assigned to the user computer that is » > mtained in the 
memory. 



3. (Original) The access control system of claim 1 , when s n the microprocessor 
is further programmed to update the IP address of the user compter contained in the 
memory. 
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4. (Original) The access control system of claim 1 , wher = in the memory is a part 
of the microprocessor. 

5. (Original) An access control system for preventing an unauthorized access to 
a network via a user computer connected to the network througi i a host computer 
system, the system comprising: 

a memory containing an IP address assigned to the user c omputer; and 
a microprocessor programmed to terminate a connection between the user 

computer and the host computer system when an originating IP e ddress of a data 

packet received from the user computer does not match the IP c c Idress assigned to the 

user computer that is contained in the memory, 

wherein the access control system is located between th< user computer and the 

host computer system. 

6. (Original) The access control system of claim 5, when \ n the microprocessor 
is further programmed to delete the IP address of the user comp i ter from the memory 
when the originating IP address of the data packet received frorr i the user computer 
does not match the IP address assigned to the user computer th it is contained in the 
memory. 
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7. (Original) The access control system of claim 5, wher = in the microprocessor 
is further programmed to update the IP address of the user com ; uter contained in the 
memory. 

8. (Original) The access control system of claim 5, wher = in the memory is a part 
of the microprocessor. 

9. (Original) A method for preventing an unauthorized a< < ;ess to a network via a 
user computer which is connected to the network and to an access control system, the 
method comprising: 

storing an IP address of the user computer in a memory < * the access control 
system; 

receiving a data packet from the user computer; 

comparing an originating IP address of the data packet w ih the IP address of the 
user computer stored in the memory of the access control systei r i; and 

denying the user computer an access to the network if th< j originating IP address 
of the data packet is different from the IP address of the user co uputer stored in the 
memory of the access control system. 
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10. (Original) The method of claim 9, wherein the denyii i j step includes 
terminating the connection between the user computer and the i stwork. 

1 1 . (Original) The method of claim 9, further comprising i ipdating the IP address 
of the user computer stored in the memory of the access contro system. 

12. (Original) The method of claim 9, further comprising t eleting the IP address 
of the user computer from the memory of the access control sys :< *m rf the originating IP 
address of the data packet is different from the IP address of the user computer stored 
in the memory of the access control system. 

13. (Original) A method of preventing an unauthorized a : sess to a network via a 
user computer connected to the network through a host compub * system which is 
connected to an access control system, the method comprising: 

storing an IP address of the user computer in a memory c I the access control 
system; 

receiving a data packet from the user computer; 

comparing an originating IP address of the data packet wih the IP address of the 
user computer stored in the memory of the access control systei r ; and 
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terminating a connection between the user computer an< the host computer 
system if the originating IP address of the data packet is drfferei i : from the IP address of 
the user computer stored in the memory of the access control s t stem. 

14. (Original) The method of claim 13, further comprisin 3 deleting the IP 
address of the user computer from the memory of the access c : ntrol system if the 
originating IP address of the data packet is different from the IP 1 ddress of the user 
computer stored in the memory of the access control system. 

15. (Original) The method of claim 13, further comprisin* | updating the IP 
address of the user computer stored in the memory of the acces s control system. 

16. (Previously Amended) A secure network comprising 
a host computer system connected to the secure network ; 

an access control system connected to the host computei system and having a 
memory; and 

a user computer connected to the host computer system . nd configured to 
access the secure network through the host computer system, 

wherein the memory of the access control system is progi { immed to terminate a 
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connection between the host computer system and the user coi r puter when an 
originating IP address of a data packet sent from the user comp l ter for transmission to 
a node in the secure network does not match the IP address of Ue user computer 
contained in the memory of the access control system. 

17. (Original) The secure network of claim 16, wherein t *e user computer and 
the host computer system are connected via a Public Switched Telephone Network. 

18. (Original) The secure network of claim 1 6, wherein 1 1 a host computer 
system comprises an access server and a plurality of modems c r id wherein ttie access 
control system is located between the access server and the plu r ality of modems. 

19. (Original) The secure network of claim 16, wherein tl is host computer 
system and the user computer are connected via a local area ne t/vork. 

20. (Original) A secure network comprising: 

a user computer connected to the secure network; and 

an access control system connected to the user computei and having a memory, 
wherein the memory of the access control system contain = an IP address 

18 



PACE 21/23 • RCVD AT 6/22/2005 7:46:12 PM [Eastern Daylight Time] * SVR:USPTO-EFXRF-1/0 * DNIS: 8729306 * CSID: 20265901 05 * DURATION (mm-ss): 06-26 



JUM 22 2005 6:54PM NOVHKDRUCE, LLP 



2026590105 



p. 22 



Appl. No.: 09/690,818 

Reply to Office Action of January 27, 2005 

assigned to the user computer, and wherein the access control system is programmed 
to deny the user computer an access to the secure network wh< > i an originating IP 
address of a data packet sent from the user computer for transnission to a node in the 
secure network does not match the IP address of the user com| h jter contained in the 
memory of the access control system. 

21. (Previously Amended) An access control system for preventing an 
unauthorized access to a network via a user computer connecte c 1 to the network, the 
system comprising: 

a memory containing an IP address assigned to the user computer; and 
a comparator structure configured to terminate a connect on between the user 
computer and the network when an originating IP address of a c i ta packet received 
from the user computer does not match the IP address assignee to the user computer 
that is contained in the memory. 

22. (Original) The access control system of claim 21 , wh = rein a comparator 
structure comprises a microprocessor. 

23. (Original) The access control system of claim 22, wh =reln the memory is a 
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part of the microprocessor. 
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